<?
//conect to mysql
$db = mysql_connect("localhost", "usr_2012_16", "se09member");
if (!$db) {
	print "Error - Could not connect to MySQL";
	exit;
}
// Select the database
$er = mysql_select_db("db_2012_16");
if (!$er) {
	print "Error - Could not select the database db_2012_16";
	exit;
}
$query = "select * from se_user where email = '" . $email . "' and password = '" . md5($password) . "';";
// Execute the query
$result = mysql_query($query);
if (!$result) {
	print "Error - the query could not be executed";
	$error = mysql_error();
	print "<p>" . $error . "</p>";
	exit;
}
else if (mysql_num_rows($result) == 0){
	print "<p>no such user or Password error, system will return automatically in 3 seconds...</p>";
	print "<meta http-equiv=\"refresh\" content=\"3;url=index.html\">";
	exit;
}
session_start();
$row = mysql_fetch_array($result);
$_SESSION['uid'] = $row['uid'];
$_SESSION['email'] = $row['email'];
$_SESSION['nick_name'] = $row['nick_name'];
if ($row['role'] == 0){
	print "<p>Welcome back, " . $row['nick_name'] . ", you're administrator, system will turn to admin-page automatically in 3 seconds...</p>";
	print "<meta http-equiv=\"refresh\" content=\"0;url=exercise_management.php\">";
	exit;
} else {
    print "<p>You're logged in.</p>";
    print "<meta http-equiv=\"refresh\" content=\"0;url=dashboard.php\">";
    exit;
}
?>
